On May 26, 2008, the Red Hat Bugzilla portal reported the discovery of a serious remote code execution vulnerability (CVE-2008-3332) in Mantis 1.1.1, publicly attributing the discovery to Francesco “ascii” Ongaro and Antonio “s4tan” Parata. The advisory described how, given administrative privileges, arbitrary PHP code could be executed through the eval() function in the adm_config_set.php file. The flaw was fixed with the package update to version 1.1.2 in the Fedora 8 and 9 repositories. The technical analysis, also published on USH.it and Bugtraq, confirms Ongaro’s commitment to actively contributing to open source software security.